Abstract

The TCP-MD5 option is most commonly used to secure BGP sessions
between routers. However, changing the long-term key is difficult,
since the change needs to be synchronized between different
organizations. We describe single-ended strategies that will permit
(mostly) unsynchronized key changes. This memo provides information for the Internet community.